Microsoft Security Advisory (917021)

Microsoft Security Advisory (917021)
Description of the Wi-Fi Protected Access 2 support for Wireless Group Policy in Windows XP Service Pack 2
Published: October 17, 2006

Microsoft is releasing this security advisory to inform customers about an update that enables Wi-Fi Protected Access 2 (WPA2) support for Wireless network Group Policy settings in Windows XP Service Pack 2. This update is being released to provide parity between Windows XP Service Pack 2 (before a broad release vehicle, like a service pack, is released) and the upcoming release of Windows Server 2003 Service Pack 2. With this update, customers can create Wireless network Group Policy settings to simultaneously manage WPA2 on systems running Windows XP Service Pack 2 and for any versions of Windows targeted by the upcoming Windows Server 2003 Service Pack 2.

Also included in this update are Wireless client behavior changes for non-broadcast and ad-hoc networks. These defense-in-depth changes are intended to help prevent systems from connecting to networks other than those a user intends to connect to.

The reason these defense-in-depth changes are included in this update in addition to the WPA2 support for Wireless network Group Policy is to provide parity between the two Windows versions. This makes it possible to manage WPA2 settings for wireless clients on different Windows versions using the same Wireless Group Policy.

These defense-in-depth changes will be included in Windows 2003 Service Pack 2 as part of the same WPA2 support for Wireless network Group Policy settings. For more information about the upcoming Windows 2003 Service Pack 2 see the Windows Service Pack Road Map. The broad release vehicle is still considered to be a service pack for Windows XP for the defense-in-depth changes included in update 917021.